version 1.342, 2006/09/05 15:35:14
|
version 1.348, 2006/11/21 20:58:06
|
Line 40 use IO::File;
|
Line 40 use IO::File;
|
use POSIX; |
use POSIX; |
use Crypt::IDEA; |
use Crypt::IDEA; |
use LWP::UserAgent(); |
use LWP::UserAgent(); |
|
use Digest::MD5 qw(md5_hex); |
use GDBM_File; |
use GDBM_File; |
use Authen::Krb4; |
use Authen::Krb4; |
use Authen::Krb5; |
use Authen::Krb5; |
Line 1574 sub change_password_handler {
|
Line 1575 sub change_password_handler {
|
# uname - Username. |
# uname - Username. |
# upass - Current password. |
# upass - Current password. |
# npass - New password. |
# npass - New password. |
|
# context - Context in which this was called |
|
# (preferences or reset_by_email). |
|
|
my ($udom,$uname,$upass,$npass)=split(/:/,$tail); |
my ($udom,$uname,$upass,$npass,$context)=split(/:/,$tail); |
|
|
$upass=&unescape($upass); |
$upass=&unescape($upass); |
$npass=&unescape($npass); |
$npass=&unescape($npass); |
&Debug("Trying to change password for $uname"); |
&Debug("Trying to change password for $uname"); |
|
|
# First require that the user can be authenticated with their |
# First require that the user can be authenticated with their |
# old password: |
# old password unless context was 'reset_by_email': |
|
|
my $validated = &validate_user($udom, $uname, $upass); |
my $validated; |
|
if ($context eq 'reset_by_email') { |
|
$validated = 1; |
|
} else { |
|
$validated = &validate_user($udom, $uname, $upass); |
|
} |
if($validated) { |
if($validated) { |
my $realpasswd = &get_auth_type($udom, $uname); # Defined since authd. |
my $realpasswd = &get_auth_type($udom, $uname); # Defined since authd. |
|
|
Line 1603 sub change_password_handler {
|
Line 1611 sub change_password_handler {
|
."to change password"); |
."to change password"); |
&Failure( $client, "non_authorized\n",$userinput); |
&Failure( $client, "non_authorized\n",$userinput); |
} |
} |
} elsif ($howpwd eq 'unix') { |
} elsif ($howpwd eq 'unix' && $context ne 'reset_by_email') { |
my $result = &change_unix_password($uname, $npass); |
my $result = &change_unix_password($uname, $npass); |
&logthis("Result of password change for $uname: ". |
&logthis("Result of password change for $uname: ". |
$result); |
$result); |
Line 2123 sub token_auth_user_file_handler {
|
Line 2131 sub token_auth_user_file_handler {
|
|
|
chomp($session); |
chomp($session); |
my $reply="non_auth\n"; |
my $reply="non_auth\n"; |
if (open(ENVIN,$perlvar{'lonIDsDir'}.'/'. |
my $file = $perlvar{'lonIDsDir'}.'/'.$session.'.id'; |
$session.'.id')) { |
if (open(ENVIN,"$file")) { |
flock(ENVIN,LOCK_SH); |
flock(ENVIN,LOCK_SH); |
while (my $line=<ENVIN>) { |
tie(my %disk_env,'GDBM_File',"$file",&GDBM_READER(),0640); |
my ($envname)=split(/=/,$line,2); |
if (exists($disk_env{"userfile.$fname"})) { |
$envname=&unescape($envname); |
$reply="ok\n"; |
if ($envname=~ m|^userfile\.\Q$fname\E|) { $reply="ok\n"; } |
} else { |
|
foreach my $envname (keys(%disk_env)) { |
|
if ($envname=~ m|^userfile\.\Q$fname\E|) { |
|
$reply="ok\n"; |
|
last; |
|
} |
|
} |
} |
} |
|
untie(%disk_env); |
close(ENVIN); |
close(ENVIN); |
&Reply($client, $reply, "$cmd:$tail"); |
&Reply($client, $reply, "$cmd:$tail"); |
} else { |
} else { |
Line 3350 sub dump_course_id_handler {
|
Line 3365 sub dump_course_id_handler {
|
my $userinput = "$cmd:$tail"; |
my $userinput = "$cmd:$tail"; |
|
|
my ($udom,$since,$description,$instcodefilter,$ownerfilter,$coursefilter, |
my ($udom,$since,$description,$instcodefilter,$ownerfilter,$coursefilter, |
$typefilter) =split(/:/,$tail); |
$typefilter,$regexp_ok) =split(/:/,$tail); |
if (defined($description)) { |
if (defined($description)) { |
$description=&unescape($description); |
$description=&unescape($description); |
} else { |
} else { |
Line 3387 sub dump_course_id_handler {
|
Line 3402 sub dump_course_id_handler {
|
} else { |
} else { |
$typefilter='.'; |
$typefilter='.'; |
} |
} |
|
if (defined($regexp_ok)) { |
|
$regexp_ok=&unescape($regexp_ok); |
|
} |
|
|
unless (defined($since)) { $since=0; } |
unless (defined($since)) { $since=0; } |
my $qresult=''; |
my $qresult=''; |
Line 3407 sub dump_course_id_handler {
|
Line 3425 sub dump_course_id_handler {
|
} |
} |
unless ($instcodefilter eq '.' || !defined($instcodefilter)) { |
unless ($instcodefilter eq '.' || !defined($instcodefilter)) { |
my $unescapeInstcode = &unescape($inst_code); |
my $unescapeInstcode = &unescape($inst_code); |
unless (eval('$unescapeInstcode=~/\Q$instcodefilter\E/i')) { |
if ($regexp_ok) { |
$match = 0; |
unless (eval('$unescapeInstcode=~/$instcodefilter/')) { |
|
$match = 0; |
|
} |
|
} else { |
|
unless (eval('$unescapeInstcode=~/\Q$instcodefilter\E/i')) { |
|
$match = 0; |
|
} |
} |
} |
} |
} |
unless ($ownerfilter eq '.' || !defined($ownerfilter)) { |
unless ($ownerfilter eq '.' || !defined($ownerfilter)) { |
Line 3486 sub dump_course_id_handler {
|
Line 3510 sub dump_course_id_handler {
|
®ister_handler("courseiddump", \&dump_course_id_handler, 0, 1, 0); |
®ister_handler("courseiddump", \&dump_course_id_handler, 0, 1, 0); |
|
|
# |
# |
|
# Puts an unencrypted entry in a namespace db file at the domain level |
|
# |
|
# Parameters: |
|
# $cmd - The command that got us here. |
|
# $tail - Tail of the command (remaining parameters). |
|
# $client - File descriptor connected to client. |
|
# Returns |
|
# 0 - Requested to exit, caller should shut down. |
|
# 1 - Continue processing. |
|
# Side effects: |
|
# reply is written to $client. |
|
# |
|
sub put_domain_handler { |
|
my ($cmd,$tail,$client) = @_; |
|
|
|
my $userinput = "$cmd:$tail"; |
|
|
|
my ($udom,$namespace,$what) =split(/:/,$tail,3); |
|
chomp($what); |
|
my @pairs=split(/\&/,$what); |
|
my $hashref = &tie_domain_hash($udom, "$namespace", &GDBM_WRCREAT(), |
|
"P", $what); |
|
if ($hashref) { |
|
foreach my $pair (@pairs) { |
|
my ($key,$value)=split(/=/,$pair); |
|
$hashref->{$key}=$value; |
|
} |
|
if (&untie_domain_hash($hashref)) { |
|
&Reply($client, "ok\n", $userinput); |
|
} else { |
|
&Failure($client, "error: ".($!+0)." untie(GDBM) Failed ". |
|
"while attempting putdom\n", $userinput); |
|
} |
|
} else { |
|
&Failure( $client, "error: ".($!+0)." tie(GDBM) Failed ". |
|
"while attempting putdom\n", $userinput); |
|
} |
|
|
|
return 1; |
|
} |
|
®ister_handler("putdom", \&put_domain_handler, 0, 1, 0); |
|
|
|
# Unencrypted get from the namespace database file at the domain level. |
|
# This function retrieves a keyed item from a specific named database in the |
|
# domain directory. |
|
# |
|
# Parameters: |
|
# $cmd - Command request keyword (get). |
|
# $tail - Tail of the command. This is a colon separated list |
|
# consisting of the domain and the 'namespace' |
|
# which selects the gdbm file to do the lookup in, |
|
# & separated list of keys to lookup. Note that |
|
# the values are returned as an & separated list too. |
|
# $client - File descriptor open on the client. |
|
# Returns: |
|
# 1 - Continue processing. |
|
# 0 - Exit. |
|
# Side effects: |
|
# reply is written to $client. |
|
# |
|
|
|
sub get_domain_handler { |
|
my ($cmd, $tail, $client) = @_; |
|
|
|
my $userinput = "$client:$tail"; |
|
|
|
my ($udom,$namespace,$what)=split(/:/,$tail,3); |
|
chomp($what); |
|
my @queries=split(/\&/,$what); |
|
my $qresult=''; |
|
my $hashref = &tie_domain_hash($udom, "$namespace", &GDBM_READER()); |
|
if ($hashref) { |
|
for (my $i=0;$i<=$#queries;$i++) { |
|
$qresult.="$hashref->{$queries[$i]}&"; |
|
} |
|
if (&untie_domain_hash($hashref)) { |
|
$qresult=~s/\&$//; |
|
&Reply($client, "$qresult\n", $userinput); |
|
} else { |
|
&Failure( $client, "error: ".($!+0)." untie(GDBM) Failed ". |
|
"while attempting getdom\n",$userinput); |
|
} |
|
} else { |
|
&Failure($client, "error: ".($!+0)." tie(GDBM) Failed ". |
|
"while attempting getdom\n",$userinput); |
|
} |
|
|
|
return 1; |
|
} |
|
®ister_handler("getdom", \&get_id_handler, 0, 1, 0); |
|
|
|
|
|
# |
# Puts an id to a domains id database. |
# Puts an id to a domains id database. |
# |
# |
# Parameters: |
# Parameters: |
Line 3856 sub tmp_put_handler {
|
Line 3973 sub tmp_put_handler {
|
|
|
my $userinput = "$cmd:$what"; # Reconstruct for logging. |
my $userinput = "$cmd:$what"; # Reconstruct for logging. |
|
|
|
my ($record,$context) = split(/:/,$what); |
my $store; |
if ($context ne '') { |
|
chomp($context); |
|
$context = &unescape($context); |
|
} |
|
my ($id,$store); |
$tmpsnum++; |
$tmpsnum++; |
my $id=$$.'_'.$clientip.'_'.$tmpsnum; |
if ($context eq 'resetpw') { |
|
$id = &md5_hex(&md5_hex(time.{}.rand().$$)); |
|
} else { |
|
$id = $$.'_'.$clientip.'_'.$tmpsnum; |
|
} |
$id=~s/\W/\_/g; |
$id=~s/\W/\_/g; |
$what=~s/\n//g; |
$record=~s/\n//g; |
my $execdir=$perlvar{'lonDaemons'}; |
my $execdir=$perlvar{'lonDaemons'}; |
if ($store=IO::File->new(">$execdir/tmp/$id.tmp")) { |
if ($store=IO::File->new(">$execdir/tmp/$id.tmp")) { |
print $store $what; |
print $store $record; |
close $store; |
close $store; |
&Reply($client, "$id\n", $userinput); |
&Reply($client, "$id\n", $userinput); |
} else { |
} else { |
Line 4346 sub get_institutional_code_format_handle
|
Line 4471 sub get_institutional_code_format_handle
|
®ister_handler("autoinstcodeformat", |
®ister_handler("autoinstcodeformat", |
\&get_institutional_code_format_handler,0,1,0); |
\&get_institutional_code_format_handler,0,1,0); |
|
|
|
sub get_institutional_defaults_handler { |
|
my ($cmd, $tail, $client) = @_; |
|
my $userinput = "$cmd:$tail"; |
|
|
|
my $dom = $tail; |
|
my %defaults_hash; |
|
my @code_order; |
|
my $outcome; |
|
eval { |
|
local($SIG{__DIE__})='DEFAULT'; |
|
$outcome = &localenroll::instcode_defaults($dom,\%defaults_hash, |
|
\@code_order); |
|
}; |
|
if (!$@) { |
|
if ($outcome eq 'ok') { |
|
my $result=''; |
|
while (my ($key,$value) = each(%defaults_hash)) { |
|
$result.=&escape($key).'='.&escape($value).'&'; |
|
} |
|
$result .= 'code_order='.&escape(join('&',@code_order)); |
|
&Reply($client,$result."\n",$userinput); |
|
} else { |
|
&Reply($client,"error\n", $userinput); |
|
} |
|
} else { |
|
&Failure($client,"unknown_cmd\n",$userinput); |
|
} |
|
} |
|
®ister_handler("autoinstcodedefaults", |
|
\&get_institutional_defaults_handler,0,1,0); |
|
|
|
|
# Get domain specific conditions for import of student photographs to a course |
# Get domain specific conditions for import of student photographs to a course |
# |
# |
# Retrieves information from photo_permission subroutine in localenroll. |
# Retrieves information from photo_permission subroutine in localenroll. |